[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 1/4] sha1sum: use AF_ALG when available

From: Bruno Haible
Subject: Re: [PATCH v2 1/4] sha1sum: use AF_ALG when available
Date: Sun, 06 May 2018 02:42:58 +0200
User-agent: KMail/5.1.3 (Linux/4.4.0-119-generic; KDE/5.18.0; x86_64; ; )

Assaf Gordon wrote on 2018-04-25:
> On more general note, while the Crypto API is available since version 2.6.38,
> There are still some issues popping here and there.
> for example:
>   https://security-tracker.debian.org/tracker/CVE-2016-8646
>   https://bugzilla.redhat.com/show_bug.cgi?id=1395896
> Another example, the libkcapi [1] library (referenced from the kernel crypto 
> api documentation)
> contains a work-around for a bug in kernels pre-4.9 [2].
> I don't know if this is relevant for your implementation or not,
> but if it is, it's worth checking for this and other issues.
>   [1] http://www.chronox.de/libkcapi.html
>   [2] 
> https://github.com/smuellerDD/libkcapi/commit/b8d5941addb15fe5a716eef24060fbd306c06ec9

To me, it looks like all these bugs occur in the same case: namely,
when zero-sized input is given. That is, precisely the bug that my unit
tests found.

2018-05-05  Bruno Haible  <address@hidden>

        af_alg: Improve comments.
        * lib/af_alg.c (afalg_stream): Improve comment about kernel bug.

diff --git a/lib/af_alg.c b/lib/af_alg.c
index dc3ac6a..3b35e01 100644
--- a/lib/af_alg.c
+++ b/lib/af_alg.c
@@ -96,8 +96,8 @@ afalg_stream (FILE *stream, const char *alg, void *resblock, 
ssize_t hashlen)
           ret = -EIO;
           goto out_ofd;
-      /* On Linux 4.4.0 at least, the value for an empty stream is wrong
-         (all zeroes).  */
+      /* On Linux < 4.9, the value for an empty stream is wrong (all zeroes).
+         See <https://patchwork.kernel.org/patch/9434741/>.  */
       if (!non_empty)
           ret = -EAFNOSUPPORT;

reply via email to

[Prev in Thread] Current Thread [Next in Thread]